In this post I will show the best free WordPress plugins that I came within my short blogging career.
I wanted to limit their number to a minimum, so I only kept the ones I consider to be a must. Here is the list ordered from the most to the least important.
[Update – April 2, 2015]
I recently joined John Thornhill’s Partnership to Success coaching program. Consequently, I reorganized this blog to match the model suggested by John in his training. It is now based on OptimizePress theme, therefore some of the plugins presented in this post are no longer used.
But still, this post remains a valuable source of inspiration for bloggers who choose to use free stuff exclusively.
[Update – Sept 2017]
Many of the plugins presented here are no longer used on my blog or have been replaced by others. Many things have changed since I first wrote this post, but for historical reasons, I will keep it around.
1. All In One WP Security
After a fresh WordPress installation, you maybe start concerning about the security of your valuable website. The best security plugin IMHO would be All In One WP Security.
All the rules are conveniently distributed in several admin pages and most of them are implemented by automatically adding directives in .htaccess file. There is also a dashboard displaying the protection degree of your site as well as the spots requiring your attention.
The plugin is packed with A LOT of security rules, but I found that not all of them are practical or desirable, at least for me. Some of them may disrupt the normal behavior of WordPress or other plugins, or may even worsen the user experience.
So, here is the list of the rules I don’t use, as well as the reason. It’s just a handful of them, I’m still using most of them, though, and I have no problem exposing my own setup because I’m quite confident in the efficiency of this plugin.
The option names are shown as page/tab/option or page/tab:
- User Login/Force Logout – This enables an expiration time for admins. I don’t use this because I’m logging in to my blog only from known computers, but this is entirely up to your taste.
- User Registration/Manual Approval & User Registration/Registration Captcha – As long as my blog is edited exclusively by me, there is no point of using them, but it may prove useful for a membership site, though.
- Filesystem Security/File Editing – I want to have access to css and php files easily. It’s only me here.
- Blacklist Manager/Ban Users – This is for filtering out IP addresses and user agent strings. I’m not currently using this, but it may prove useful in the future.
- Firewall/Basic Firewall Rules/Pingback Vulnerability Protection – I don’t use this because it filters XML-RPC protocol entirely. I’m using another mechanism to disable pingbacks, namely a small piece of code in functions.php.
- Firewall/Additional Firewall Rules/Proxy Comment Posting – I initially enabled this, but when I tried to post a comment from my job to test it, I got rejected! We have a Microsoft ISA Server in our network topology, and that triggered this filter, I presume. It seems that there are also legitimate users behind proxy servers, and they must not be blocked.
- Firewall/Additional Firewall Rules/Bad Query Strings – This is another filter that may cause problems. It blocks the access when the URL contains words from a predefined set or when there is a match with a set of patterns. I was once blocked when I wanted to install a plugin, so I disabled this filter too. It’s a little bit too protective.
- Firewall/5G – I’m currently using this one, but I had problems with another blog where I was using JetPack plugin. So, if you are using JetPack and have problems, try to disable the 5G option first. It appears to affect XML-RPC.
- Firewall/Prevent Hotlinks – I want people to find my blog when searching for images too, so I didn’t enable this.
- Firewall/404 Detection – I implemented something entirely different for “404 Not Found” errors. Read further.
- Brute Force – In this section I’m using only the Honeypot option. I think that all others are affecting too much the user experience.
- SPAM Prevention/Comment SPAM/Enable Captcha On Comments Form – As a rule of thumb, I’m against captcha, the users would be too much annoyed. On the other hand, the other option on the same page is quite useful (Block Spambot Comments).
- Scanner/File Change Detection – Not using for now. It’s up to your taste.
- Miscellaneous/Copy Protection – I have nothing against users to copy my content. There are other methods to reduce content stealing.
[Edit September 2017]
Now I’m using Wordfence plugin, which I think is better and easier to configure.
2. Cookies for Comments
Security and comments again! I’m also using Cookies for Comments, which prevents posting a comment if it’s not done through the comment form. The comment form puts a cookie in the browser that is subsequently checked for presence when you submit the comment. Simple and effective.
It also prevents posting comments too fast after the post has been displayed.
Well, if these simple automatic attempts won’t stop spammers, maybe a heuristic approach will do better. See plugin no. 3.
3. Akismet
This one is preinstalled and can be used right away. It keeps spammers away from your comment areas by using a heuristic analysis. All you have to do is activate it and follow directions to obtain a free API key by creating a personal free account on Akismet site.
4. WordPress SEO by Yoast
Another must have plugin is one which takes care of in-page SEO. There are plenty of them out there, but I chose WordPress SEO by Yoast. Even if the author (Joost de Valk) seem to be “a little bit” egocentric by filling his site with his caricatures, I must admit that he and his team are doing a great job.
This plugin can do several useful things, like:
- Rewrite titles and meta tags in the header section.
- Clean-up the header from unnecessary tags.
- Add Open Graph, Google and Twitter specific meta tags.
- Implement XML sitemap and pinging for optimized search engine indexing.
- Optimize permalinks
- Optimize post and page content to better comply with Google algorithms.
And many other smaller but important things.
In edit post/page screen it creates a tabbed metabox where you can customize the SEO setting on a per post basis.
5. Google Analytics Dashboard for WP
You always have to know how well is doing your site. Fortunately, Google provides us with a very useful and free tool, Google Analytics. But in order to use it, you have to install a tracking code on every page of your site. Fortunately, in WordPress, you have to do it only once at template or plugin level.
There are many ways to do it, for example by inserting it directly in your theme’s header template, or by using a plugin that can include arbitrary code in header or footer sections.
I found a better way by using this little gem, Google Analytics Dashboard for WP.
Not only it inserts the basic tracking code, but it also may include code enabling all advanced tracking features, like advanced links, remarketing, demographics, interests, events, and others.
It also displays the most useful analytics reports right in your admin dashboard. For admins, it can display a page specific report on every page or post, too.
For information on how to setup a Google Analytics account, please visit their site.
6. Caldera Forms
I think that every site needs some kind of form plugin, at least for the contact page to ease the communication between visitors and the webmaster.
There are many popular form plugins, like Gravity Forms, Contact Forms 7 or Ninja Forms, but they are either premium or free/premium combination with the free version not implementing the functionality I needed (calculated fields or conditional visibility of fields).
So I decided to use a less known form plugin, Caldera Forms. It supports multiple forms and calculated fields. It is best suitable for contact forms and calculators of any kind. It also has premium extensions supporting various autoresponders and payment processors.
Well, I think you cannot have all for free, the developers must eat, too.
I admit that I had some problems with the plugin default styling in combination with my theme, but I solved this issue easily: I disabled the plugin’s default styles and defined my own, like this:
.caldera-grid {width: 100%; display: table}
.caldera-grid .form-group {padding: 5px 0 0;}
.caldera-grid .form-group .form-control {width: 100%;}
.caldera-grid .col-sm-12{width:100%;}
.caldera-grid .col-sm-11{width:91.66%;}
.caldera-grid .col-sm-10{width:83.33%;}
.caldera-grid .col-sm-9{width:75%;}
.caldera-grid .col-sm-8{width:66.66%;}
.caldera-grid .col-sm-7{width:58.33%;}
.caldera-grid .col-sm-6{width:50%;}
.caldera-grid .col-sm-5{width:41.66%;}
.caldera-grid .col-sm-4{width:33.33%;}
.caldera-grid .col-sm-3{width:25%;}
.caldera-grid .col-sm-2{width:16.66%;}
.caldera-grid .col-sm-1{width:8.33%;}
.caldera-grid .row>div {float: left; padding: 0 5px}
.caldera-grid .row>.first_col{padding: 0 5px 0 0;}
.caldera-grid .row>.last_col{padding: 0 0 0 5px;}
.caldera-grid .row>.single{padding: 0;}7. Conditional Widgets
Conditional Widgets can control the widget visibility in a very granular way. You can decide the visibility of any particular widget at post, page or category level.
8. 404 Page
This little plugin, 404 Page, can customize 404 Not Found error by defining any normal page as 404 page. When doing this, I was wondering how to hide this special page from other places, like XML sitemap or sitemap page, or searches.
The first part was already doable by setting the page as noindex in the SEO by Yoast meta box. By doing this, the page cease to be advertised in XML sitemap and will not be indexed by Google. For the second part, I had to find another plugin. See plugin no. 9.
9. WP Hide Post
This also little plugin, WP Hide Post, enables you to hide pages or posts within different places in WordPress. It creates a Page Visibility metabox on edit post/page screen.
As an example, I used a page as 404 page, so I had to set it as noindex in SEO by Yoast metabox and also hide it in Page Visibility metabox (the 3rd option).
10. Custom Error Pages
Well, if I decided to customize the 404 page, why not customize other frequent errors, too? So having this thought in my mind I found a plugin that fitted perfectly.
I’m talking about Custom Error Pages. It can customize 403 Forbidden and 401 Not Authorized errors.
The 403 occurs when you try to access a resource that is forbidden per policy (for example a directory), and the 401 occurs when you try to access a resource protected by HTTP authentication without proper credentials.
IMO its design is better than the 404 Page one because the content for the two pages is defined inside its settings page, not as normal pages. This has the advantage of not having to hide these pages throughout different places.
I wish it covered the 404 page functionality, too. Maybe I’ll write such a combined plugin myself when I’ll have more time.
11. FD Feedburner Plugin
I’m using Feedburner for my blog’s feed. It’s not required, but it’s my choice. I just want to keep the feed’s analytics.
For that I’m using FD Feedburner Plugin to automatically redirect the normal feed URL marketingwithvladimir.com/feed to feeds.feedburner.com/MarketingWithVladimir. Optionally, it can handle comment feeds.
12. Prioritize Hooks
I find Prioritize Hooks EXTREMELY useful! It can change the priority of WordPress filters and actions. IMO this functionality should’ve been included in the WordPress core, as it’s extremely useful.
Let me put it this way: you want to use two plugins, both of them inserting some information after the post content. If each one installs a content filter to achieve this, both with the default priority of 10, how can you tell which one will come first?
The answer is: you can’t. Unless you could change the filters’ and actions’ priorities. Well, normally you can’t but with this plugin, you can. It’s also very educational because you can practically see which filters and actions are used by which plugin or WordPress core and with which priority. Pretty cool, huh?
Now you can change these priorities. I’m using it only to change the display order of some elements by changing the priorities for the relevant “the_content” filters.
13. Redirection
I just love this plugin! Redirection can be used, for example, to hide affiliate links, but it also automatically creates redirections when you change the permalink of a post or page.
14. Simple Share Buttons Adder
Simple Share Buttons Adder simply adds sharing buttons. If you want to be noticed, one of the things you can do is to facilitate visitors to share your content. I’ve tested many plugins, but most of them are gathering statistical data on the sites of their creators, thus making your pages to load slower. This one is extremely lightweight. I’m not sure yet if I’ll stick with it, but for now, I’m very pleased.
15. Simple Follow Me Social Buttons Widget
This Simple Follow Me Social Buttons Widget plugin is rather new and it hasn’t many features yet, but it does the trick of displaying follow me icons in a widget which I can place anywhere on the site.
16. Widgets on Pages
Widgets on Pages plugin can be used to extend the widget areas throughout your site. You can create unlimited sidebars and place them anywhere you want using shortcodes, even inside posts or pages. You can also place them in the theme’s templates in areas not initially designed for widgets. Full freedom!
I just noticed that it is no longer supported or maintained, but it just works. It uses only basic API, so I’m not worried at all.
In my blog, I’m using it to display the sign-in form after each post content. I created a sidebar named BelowContent in the plugin’s settings page and slipped a little code snippet in functions.php to make the sidebar appear below single posts:
/* add widget area below single posts */
add_filter('the_content', function($text) {
if(is_single())
return $text . do_shortcode('[widgets_on_pages id=BelowContent]');
else
return $text;
});Now, in the Appearance -> Widgets admin screen, you can edit the widgets you want to appear right below the content, in BelowContent sidebar. Pretty nifty 🙂
17. Simple Links
WordPress versions prior to 3.5 used to have this Link Manager or blogroll enabling you to display a list of useful links in a widget. This component has been removed from the core. To achieve this functionality again, a separate plugin has been developed some time ago, Link Manager, which is not maintained anymore.
Fortunately, I found another free plugin having the same functionality, Simple Links. It is a simple list of links that can be displayed as a widget, like in old times.
You may choose between the two.
18. Crayon Syntax Highlighter
Did you see the colored source snippets above? It’s Crayon Syntax Highlighter doing this. It’s so cool, that I cannot say it enough! It can color the syntax for a huge list of programming languages, some of them I even didn’t heard about!
It worth noting that it can be configured to work without any shortcodes whatsoever, only with HTML tags, which is the preferred mode anyway. With my current configuration it uses only <pre></pre> for block snippets and <span></span> for inline snippets. To be correctly displayed, I usually paste the snippet in the Visual editor, and if necessary I switch to the Text editor to adjust the ENTER characters.
If your block snippet must contain TAB characters for indentation, it’s better to edit it in Notepad, for example, then copy/paste into the post.
19. Autoresponder Integration Plugin
You may have heard about the two most popular autoresponders, AWeber and GetResponse. They are very similar in every aspect.
I’m currently using GetResponse and to better integrate their webforms into my site, I’m using this official GetResponse Integration Plugin.
Update:
I recently moved all my lists to AWeber, and consequently, I’m using their integration plugin now.
Despite many bad reviews it received, I assure you that the plugin has nothing to do with the claimed bugs. Only the currently used theme’s stylesheet may produce some undesirable display defects, which can be easily fixed.
I’m currently using it only for the “Notify me of new content…” checkbox below the comment form. Yes, if you check this while commenting you end up in one of my autoresponder’s list. 😉
20. Popup Maker
This is what causes the display of popups (or popovers) on my blog inviting you to get an e-book in exchange for your email address. 🙂
Popup Maker is the best free plugin that does that. You can even create multiple popovers using only the free version. It has some premium extensions, but using only the free stuff it is fully manageable.
Conclusion
Using exclusively free plugins you can build fully functional blogs with everything it needs.
Of course, there are some cooler premium plugins out there, but I wanted to prove that it is perfectly possible to avoid them, at least until your business will grow and you’ll be able to afford them.
That being said, I wish you success in your business.
great article thank u for posting.
Thank you for reading my post.
Wow! I’m really impressed with the list of not just very important, but FREE plugins you dropped here, Vladimir. I’ll surely see to it that I get hold of such ASAP.
Thanks, once again, for the quality post. Regards!
Hi and thanks for stopping by!
Thanks for sharing this helpful lists. These plugin are simple to use much more than any other SEO plugins I’ve tried them. I had tired some other plugins here http://codecondo.com/top-10-plugins-which-every-wordpress-website-must-have-in-2015/
Thanks so much for the awesome post
Great list of plugins. I would like to add more Plugins which are free and essential Plugins. Which has unique and amazing features.Have a look at: https://goo.gl/2oSdxb